from the 'you're-making-us-look-bad'-said-company-caught-looking-bad dept

Nothing says "Please stopkeep talking about the bad stuff we do" quite like a bogus defamation lawsuit. Citizen Lab, which has reported on a great number of tech companies that are less than discriminating in their selection of customers (think Hacking Team), has been served with a lawsuit by a purveyor of internet censorship software.

On January 20, 2016, Netsweeper Inc., a Canadian Internet filtering technology service provider, filed a defamation suit with the Ontario Superior Court of Justice. The University of Toronto and myself were named as the defendants. The lawsuit in question pertained to an October 2015 report of the Citizen Lab, “Information Controls during Military Operations: The case of Yemen during the 2015 political and armed conflict,” and related comments to the media. Netsweeper sought $3,000,000.00 in general damages; $500,000.00 in aggravated damages; and an “unascertained” amount for “special damages.”

Netsweeper apparently was less than amused by Citizen Lab's insistence on reporting facts, including the nasty one about it supplying internet filtering software to a country whose government has been blacklisted by the United Nations. You know, things like this:

The research confirms that Internet filtering products sold by the Canadian company Netsweeper have been installed on and are presently in operation in the state-owned and operated ISP YemenNet, the most utilized ISP in the country.

Netsweeper products are being used to filter critical political content, independent media websites, and all URLs belonging to the Israeli (.il) top-level domain.

These new categories of censorship are being implemented by YemenNet, which is presently under the control of the Houthis (an armed rebel group, certain leaders and allies of which are targeted by United Nations Security Council sanctions).

Netsweeper was given a chance to defend itself against Citizen Lab's allegations before the report was made public.

We sent a letter by email directly to Netsweeper on October 9, 2015. In that letter we informed Netsweeper of our findings, and presented a list of questions. We noted: “We plan to publish a report reflecting our research on October 20, 2015. We would appreciate a response to this letter from your company as soon as possible, which we commit to publish in full alongside our research report.”

Netsweeper never replied.

Rather than meet the situation head on, Netsweeper chose to hang back and lob a lawsuit at Citizen Lab after it published its report. Fortunately for the security researchers, Netsweeper has chosen to drop its lawsuit entirely, possibly because pursuing the questionable defamation claims would have put it up against Ontarios's version of anti-SLAPP laws: the Protection of Public Participation Act.

The world of security research is still a dangerous place. When researchers aren't being arrested for reporting on their findings, they're being sued for exposing security flaws and highly-questionable behavior. It's a shame there aren't more built-in protections for researchers, who tend to receive a lot of legal heat just for doing their job.

To outside observers focused on Snowden's leaks, the intelligence community's decision to show its hand looked very much like a calculated move designed to shift focus away from the ongoing "unauthorized disclosures" and onto the incautiously triumphant agency. Now, nearly two months down the road, intelligence officials are claiming this leak has been more damaging to its surveillance efforts than all of Snowden's combined.

Since news reports in early August revealed that the United States intercepted messages between Ayman al-Zawahri, who succeeded Osama bin Laden as the head of Al Qaeda, and Nasser al-Wuhayshi, the head of the Yemen-based Al Qaeda in the Arabian Peninsula, discussing an imminent terrorist attack, analysts have detected a sharp drop in the terrorists’ use of a major communications channel that the authorities were monitoring. Since August, senior American officials have been scrambling to find new ways to surveil the electronic messages and conversations of Al Qaeda’s leaders and operatives.

“The switches weren’t turned off, but there has been a real decrease in quality” of communications, said one United States official, who like others quoted spoke on the condition of anonymity to discuss intelligence programs.

Why the change in heart? Well, when officials first leaked the details, the government asked that certain names involved be withheld. The New York Times complied. McClatchy News, however, did not. When it broke the story, it mentioned two names.

An official who’d been briefed on the matter in Sanaa, the Yemeni capital, told McClatchy that the embassy closings and travel advisory were the result of an intercepted communication between Nasir al-Wuhayshi, the head of the Yemen-based Al Qaida in the Arabian Peninsula, and al Qaida leader Ayman al Zawahiri in which Zawahiri gave “clear orders” to al-Wuhaysi, who was recently named al Qaida’s general manager, to carry out an attack.

The question now becomes: if the leak was so damaging, why did the government leak it? Sure, it told the New York Times that revealing the names would "jeopardize its operations." But it would seem that simply revealing it had listened in on a "conference call" would do the same thing, especially after issuing orders to close down embassies it thought might be affected. (This group of nineteen embassies was reopened after it was determined the plot centered on Yemen.) It wouldn't take the terrorists involved too long to figure out what recent group discussions centered around threats to embassies and, from there, narrow down which forms of communication were used. McClatchy's decision to name names seems incidental to the whole collection process.

When the fingers are pointed by the intelligence community, a great many of them need to be aimed at officials privy to the details. This was originally portrayed as intelligence agencies doing the job they keep claiming they're doing: detecting and reacting to terrorist plots. Two months down the road, the leak/spin attempt is being referred to as "incredibly damaging." It just doesn't add up.

It seems that others are finding the Times story (and officials' claims) unbelievable as well. McClatchy's pushback on the NYT's narrative involves some strongly-worded statements that question the government's credibility and its delayed reaction.

Asher, in a statement, said that in the nearly two months since McClatchy had published its story, no U.S. agency has contacted the newspaper company about the article or has asked any questions about the origins of the story.

“Multiple sources inside and outside of the Yemeni government confirmed our reporting and not one of them told us not to publish the facts,” Asher said. Gregory Johnsen, a Yemen expert and the author of “The Last Refuge,” a book on al Qaida in Yemen, said that he had been told before the McClatchy report that Zawahiri and Wuhayshi were the two men who’d been monitored and that many people in Yemen knew the details of the communication. Johnsen had made a similar statement to McClatchy in early August.

“The idea that the identities of Wuhayshi and Zawahiri are responsible for the difficulties the U.S. is having in tracking al Qaida and AQAP is laughable,” Johnsen said Monday, referring to the Yemen al Qaida affiliate by its initials. “The U.S. publicly closed 19 embassies, the participation of Wuhayshi and Zawahiri was well known in Yemen. I was told about it prior to McClatchy publishing it. And once the leaks start from the U.S. government they can be hard to stop or to control.”

That last sentence is particularly damaging. The anonymous officials quoted in the several articles dealing with the "terrorist chatter" were pushing a narrative of their own -- one that portrayed the US intelligence network as heroes combating terrorism using its extensive surveillance toolkit. The faux-leakage seemed to be ordained by the administration itself, which issued no statements at the time decrying the spilling of confidential information. What looked at the time to be a blatant attempt to spin the story in the NSA's favor now looks undeniably like a diversionary tactic that backfired badly, possibly compromising a valuable intercept.

But even this new concern may be nothing but spin, or an attempt to lull NSA targets into a false sense of security. As McClatchy notes, much of the communications loss occurred well before the August leaks.

Johnsen and other observers of Yemen said they doubted that the reports had anything to do with a drop-off in terrorists “chatter.” They said the decline in al Qaida in the Arabian Peninsula’s use of electronic communication pre-dated the August embassy plot, with some tying it to increased pressure on the group--including a sustained uptick in the frequency of drone strikes on Al Qaida targets dating back to the end of 2011…

Yemeni journalists also have noticed that once-regular email statements from the group have dried up since mid-2012 and attributed the silence to a Yemeni military offensive against AQAP-affiliated militants in the southern Abyan province.

There's no indication the administration is mounting an investigation into these "leaks," which would indicate there was some approval at high levels to allow this narrative to be deployed. If the NSA has truly lost a valuable intercept, it really has no one to blame but the White House.. and itself.

from the shameful dept

You may recall that, last month, Glenn Greenwald's partner David Miranda was detained at Heathrow for nearly 9 hours for helping Greenwald do journalism. There were many problems with this detention, not the least of which that officials used an anti-terrorism law, called Schedule 7, for the detention. The author of Schedule 7, Charles Falconer, specifically has said that the law wasn't intended for such purposes. And yet, it appears that the UK authorities aren't backing down from abusing Schedule 7 to intimidate people having nothing to do with terrorism.

Baraa Shiban, a respected human rights activist who works in Yemen as a project co-ordinator for the London-based legal charity Reprieve and was travelling to London to speak at an event, said he was held for an hour on Monday night and questioned about his work and political views.

He was detained under schedule 7 to the Terrorism Act, the same legislation used last month at Heathrow to detain David Miranda, the partner of Glenn Greenwald, the Guardian journalist who has written about mass internet surveillance by the US National Security Agency and Britain's GCHQ.

Shiban is a member of Yemen's National Dialogue – the body tasked with mapping out the country's democratic future

Shiban was going to the UK to give a speech on, of all things, "security, diplomacy and aid." He may want to edit the planned remarks slightly. Shiban further pointed out that the detention was focused on his human rights activities. Remember this is under a law that is supposed to only be used to stop terrorists.

Shiban said: "I was stunned when the border agent said I was being held simply because I came from Yemen. It was even more shocking when he spent the entire time asking me about my human rights work and about Reprieve, the charity I work for.

"Is the UK the kind of place that human rights activists are fair game for detention, intimidation and interrogation?"

The excuse given by Sussex police is especially pathetic:

A spokesman said: "He was referred to Sussex police by Border Force officials. He spoke with officers for around half an hour and was then free to continue his journey. We are satisfied that our actions were legitimate, justified and proportionate and were carried out in accordance with the act."

Remember, the act is supposed to only be used in investigating possible terrorist activity. These are the kinds of activities that we used to associate with authoritarian non-democratic countries. And now we're regularly seeing such abuse in the US and the UK.